The WordNet 3.0 Unix library and command-line interface suffer from a
number of stack overflows due to their handling of command line
arguments,
environment variables and data read from user supplied dictionaries.

The oCERT team was contacted by Moritz Muehlenhoff from the Debian
project requesting an audit of the WordNet code base. These
vulnerabilities
were the findings of the requested audit.

It should be noted that despite the ease with which arbitrary code can
be executed via these WordNet flaws, unless WordNet is being used by a
daemon or web
service running as a user other than that of the attacker, this is
unlikely to
result in privilege escalation or the ability to take any action not
already
possible as the attacking user.

The following patch fixes the issues:
http://www.ocert.org/analysis/2008-014/wordnet.patch

Affected version:

WordNet = 3.0

Fixed version:

Princeton unfortunately lack the resources to produce a new release of
this
code and will therefore not be releasing a new version as a result of
this
audit.